In a letter dated July 12 that was released on Monday, Wyden asked EAC Chairwoman Christy McCormick how the agency plans to address this “looming cybersecurity crisis.”

ADVERTISEMENT

“Intelligence officials have made it clear that Russian hackers targeted our elections in 2016, and that they expect similar threats in 2020,” Wyden wrote. “The continued use of out-of-date software on voting machines and the computers used to administer elections lays out the red carpet for foreign hackers. This is unacceptable.”

The Associated Press recently reported that the majority of U.S. counties use election management systems that run on Windows 7, an outdated operating system that Microsoft will stop updating in January. The systems are responsible for programming voting machines and tallying votes.

Wyden focused his questions on whether products created by Election Systems and Software (ES&S), one of the major U.S. voting equipment manufacturers, would be decertified by the EAC prior to the 2020 elections. According to EAC documentation, the equipment uses Windows 7.

Wyden gave McCormick a July 26 deadline to respond to his questions.

The Oregon senator has been a leading voice on the topic of election security, introducing the Protecting American Votes and Elections Act with 14 Senate Democratic co-sponsors in May. The bill would give the Department of Homeland Security the authority to set mandatory cybersecurity requirements for every aspect of the election system.

There are no nationwide mandatory cybersecurity standards for elections.

“New federal election laws would not be the right thing to do, so I assume we’d have no legislation like that come through the Rules Committee,” Blunt told The Hill last week following a classified Senate election security briefing.